GlassWire Control Service open, even when disabled?

During a routine vulnerability scan with Qualys, it was found that port 7010 is open by GlassWire even when Remote Access is disabled. Does this port need to be listened on if the service is disabled? Any way to actually disable this?

Additionally, the vuln scan detected usage of outdated SSL settings (supporting SSLv3/TLS1). Perhaps a false positive, but wanted to make folks aware if that can be fixed.

@the-trooper

Without details it’s difficult to understand what you are asking exactly. If you feel there is some kind of vulnerability or issue you can get paid with our bug bounty program here https://hackerone.com/glasswire.

If you do open a ticket there please give very detailed instructions on what you are seeing and how to recreate it. Many bug bounty programs don’t even allow people to submit reports from vulnerability scanners because they have so many false positives and because anyone can operate one, but I think we don’t mention this yet in our scope.

For SSL, I also don’t know without details if it’s our website or what exactly. Please submit a bug bounty if you feel it’s appropriate and real. You can see from the bug bounty page we take quick action and pay out real bugs.

Hi Ken, thanks for your reply. There are two issues - apologies for any confusion.

  1. GlassWire has port 7010 open on the machine, presumably due to the Remote Access feature (port 7010 is listed as the default listening port for this feature). I have Remote access state set to “Not allowed”, so it just seemed odd/unnecessary that the port was actively open. There don’t seem to be any ill effects here other than it just showing up as an open port to anyone.

  2. Regarding the SSL, Qualys simply attempts to enumerate what ciphers and SSL formats are available to set up secure connections. GlassWire is reporting that it can connect on what are considered insecure settings (SSLv3, TLS1.0, and some ciphers).

Very minor stuff here because GlassWire replies with an empty response - it just seemed that the port didn’t need to be open with the feature disabled. Happy to report that over there but it’s very minor to be fair.

GlassWire has a client and a service. Is Qualys picking up the connection locally (the connection that never leaves your PC) on your PC between our client/service? If so the details would help us understand what part of our software or website has to do with the SSL scan.

If you think any issues are actual I recommend submitting a bug bounty request so you can get paid money if we find the scan is accurate.

As far as opening ports some details on where you see that would be helpful also. Was it part of the Qualys scan also? Please open a bug bounty report if possible with details/screenshots.
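
The details asked for in the thread (which protocol versions the listener on port 7010 negotiates, and whether it is reachable only locally) can be collected with a check like the one below, run against a host you administer. This is an added example, not part of the original thread and not GlassWire or Qualys code; the function names `probe` and `scan` are made up here, and port 7010 is the default quoted in the thread.

```python
import socket
import ssl
import warnings

# Versions named in the thread plus current ones. The second field says
# whether this Python/OpenSSL build can offer that version at all.
VERSIONS = {
    "SSLv3":   (ssl.TLSVersion.SSLv3,   ssl.HAS_SSLv3),
    "TLSv1.0": (ssl.TLSVersion.TLSv1,   ssl.HAS_TLSv1),
    "TLSv1.1": (ssl.TLSVersion.TLSv1_1, ssl.HAS_TLSv1_1),
    "TLSv1.2": (ssl.TLSVersion.TLSv1_2, ssl.HAS_TLSv1_2),
    "TLSv1.3": (ssl.TLSVersion.TLSv1_3, ssl.HAS_TLSv1_3),
}

def probe(host, port, name, timeout=3.0):
    """Return 'accepted', 'rejected', 'closed' or 'unsupported-by-client'."""
    version, client_has_it = VERSIONS[name]
    if not client_has_it:
        return "unsupported-by-client"   # says nothing about the server
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # local service with a self-issued cert
    ctx.verify_mode = ssl.CERT_NONE
    try:
        # Lower the client's own security level so it can offer old versions;
        # otherwise a client-side refusal looks like a server-side one.
        ctx.set_ciphers("ALL:@SECLEVEL=0")
    except ssl.SSLError:
        pass
    try:
        with warnings.catch_warnings():
            warnings.simplefilter("ignore", DeprecationWarning)
            ctx.minimum_version = ctx.maximum_version = version  # pin one version
    except (ValueError, ssl.SSLError):
        return "unsupported-by-client"
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"                  # nothing listening / not reachable
    try:
        with ctx.wrap_socket(raw):       # handshake happens here
            return "accepted"
    except OSError:                      # SSLError, reset, EOF, timeout
        return "rejected"
    finally:
        raw.close()

def scan(host, port):
    return {name: probe(host, port, name) for name in VERSIONS}

if __name__ == "__main__":
    for name, result in scan("127.0.0.1", 7010).items():
        print(f"{name:8} {result}")
```

Running it once against 127.0.0.1 and once against the machine's LAN address shows whether the listener answers only on loopback. A result of `unsupported-by-client` means this Python build cannot offer that version, not that the service refuses it.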